﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Web;
using System.Web.Security;
using System.Web.UI.WebControls;

/// <summary>
/// Summary description for Login
/// </summary>
public class Login
{
    SqlHelp help = new SqlHelp();
	public Login()
	{
		//
		// TODO: Add constructor logic here
		//
	}

    #region 加密的类型
    /// <summary>
    /// 加密的类型
    /// </summary>
    public enum PasswordType
    {
        SHA1,
        MD5
    }
    #endregion

    /// <summary>
    /// 字符串加密
    /// </summary>
    /// <param name="PasswordString">要加密的字符串</param>
    /// <param name="PasswordFormat">要加密的类别</param>
    /// <returns></returns>
    static public string EncryptPassword(string PasswordString, PasswordType PasswordFormat)
    {
        //加密字符串
        string passWord;	
        #region
        switch (PasswordFormat)
        {
            case PasswordType.SHA1:
                {
                    passWord = FormsAuthentication.HashPasswordForStoringInConfigFile(PasswordString, "SHA1");
                    break;
                }
            case PasswordType.MD5:
                {
                    passWord = FormsAuthentication.HashPasswordForStoringInConfigFile(PasswordString, "MD5").Substring(8, 16).ToLower();
                    break;
                }
            default:
                {
                    passWord = string.Empty;
                    break;
                }
        }
        return passWord;
        #endregion
    }


    /// <summary>
    ///  验证系统管理员用户名及密码
    /// </summary>
    public DataTable userLogin(string username)
    {
        string sql = String.Format("select u.* from B_User u where u.UserName='{0}' and u.DeleteFlag='0'", username);
        return help.GetDataTable(sql);
    }
    
    /// <summary>
    ///  验证系统管用户名及密码
    /// </summary>
    public DataTable userLogin(string username, string pwd)
    {
        SqlParameter[] para = new SqlParameter[] { 
            new SqlParameter("@USERNAME", username),
            new SqlParameter("@PWD", pwd) };
        string sql = "select u.* from B_User u where u.UserName=@USERNAME and u.UserPwd=@PWD and u.DeleteFlag='0'";

        return help.GetDataTable(sql, para);
    }
    public DataTable userLogin(string username, string pwd, string cocode)
    {
        SqlParameter[] para = new SqlParameter[] { 
            new SqlParameter("@USERNAME", username), 
            new SqlParameter("@PWD", pwd),
            new SqlParameter("@COCODE", cocode)};
        string sql = "select u.* from B_User u join B_UserCo uc on u.UserCode=uc.UserCode where u.UserName=@USERNAME and u.UserPwd=@PWD and u.DeleteFlag='0' and uc.CoCode=@COCODE ";

        return help.GetDataTable(sql, para);
    }

    /// <summary>
    /// 查询密码是否正确
    /// </summary>
    public int SelectPwd(string userNo, string pwd)
    {
        int m = 0;
        SqlParameter sp = new SqlParameter("@USERNO", userNo);
        SqlParameter sp1 = new SqlParameter("@PWD", pwd);
        SqlParameter[] para = new SqlParameter[] { sp, sp1 };
        string sql = "select count(*) from B_User where UserCode=@USERNO and UserPwd=@PWD";
        string temp = help.RunSqlReturn(sql, para);
        if (temp.Length > 0)
        { m = Convert.ToInt16(temp); }
        return m;
    }
    /// <summary>
    /// 修改密码
    /// </summary>
    public int EditPwd(string userNo, string pwd)
    {
        SqlParameter sp = new SqlParameter("@USERNO", userNo);
        SqlParameter sp1 = new SqlParameter("@PWD", pwd);
        SqlParameter[] para = new SqlParameter[] { sp, sp1 };
        string sql = "update B_User set UserPwd=@PWD where UserCode=@USERNO";
        return help.RunSqlInt(sql, para);
    }

    /// <summary>
    ///  绑定公司下拉菜单
    /// </summary>
    public DataTable GetCompany()
    {
        return help.GetDataTable("select CoCode,CoName from B_Company where DeleteFlag='0' ");
    }
}